The internet held its breath, as searches for the president’s @realDonaldTrump personal Twitter account brought up the message on screen that that handle “does not exist”.

Then came the news shortly afterwards that the brief deactivation had been caused by a staff member at Twitter who was working his or her last day. The internet erupted with social media users posting jokes hailing the departing Twitter staffer, and mischievous suggestions that the real culprit might have been Hillary Clinton or Barack Obama.

After initially declaring itself baffled, San Francisco-based Twitter issued a statement, which appeared to confirm the blackout was no accident, saying: “Through our investigation we have learned that this was done by a Twitter customer support employee who did this on the employee’s last day. We are conducting a full internal review.”

The identity of the staffer has not yet been revealed.

Once @realDonaldTrump was back online, the president tweeted about the incident, claiming to his 42 million followers that the sabotage proved he was “having an impact”.

My Twitter account was taken down for 11 minutes by a rogue employee. I guess the word must finally be getting out-and having an impact.

Other users then replied with messages such as the simple “employee of the year”, profanity-laced insults, an image of Batman punching Trump, speculation that the account was taken down by special counsel Robert Mueller, and: “USA was great again – for 11 minutes.”

Beyond the jokes, some experts were worried by what the incident said about Twitter’s security and the prospect of another employee taking control of Trump’s account to send tweets on, say, North Korea or race that had consequences in the real world.

“Tech administrators have extraordinary power,” said Bruce Schneier, a technology security expert, fellow and lecturer at the Harvard Kennedy School of Government. “The system guys in any company are like the plumbers, they can delete an account, copy material, take over – no one in the tech world is surprised about this.”

Schneier said that there was little to be done to prevent such a thing happening again. Twitter can vet employees thoroughly, or explore the law to see if there is a way to punish the rogue departing staffer, as a deterrent, but these were all fallible methods. The most reliable way to prevent someone at Twitter commandeering Trump’s account would be to have two staff always next to each other, monitoring each other, he said.

“That’s what the NSA did after Edward Snowden copied everything, so no person is ever alone with the information. That costs an extraordinary amount of money; no ordinary company can afford that kind of resources,” he said.

Speaking on condition of anonymity, a former Twitter employee told Reuters it was unlikely a worker with suspension privileges would also be able to hijack an account to send out messages.

“Different types of access,” the former employee said. “I’m not sure anyone at Twitter can tweet from someone else’s account.”

But fears were exacerbated by reports that the culprit was a contractor, rather than an employee.

Trump has insisted on maintaining his direct access to the public via his Twitter habits, and has been criticised for using an unsecured Android phone.

The secret service objected to Barack Obama using his Blackberry device after he reached the White House, and modified it. But as Schneier pointed out: “The secret service works for the president.”

Twitter suspends accounts if they engage in abusive behavior, have been hacked, are fake or promote spam. In such cases, the profile is marked “account suspended”.